Cannot read remote files through ssh

Question

Cannot read remote files through ssh

tshu-w opened this issue 3 years ago · 28 comments

As discussed in #426, waketime can not read remote files through ssh. I tried to make a minimal reproduction sample in this issue.

Steps

ssh 124.16.139.208 -p 10722 login without password currectly.
wakatime-cli --entity ssh://124.16.139.208:10722/home/wangtianshu/test_project/test.py got error

Configs

~/.ssh/config: empty
~/.ssh/knwon_hosts:

[124.16.139.208]:10722 ssh-ed25519 AAAAC3***
[124.16.139.208]:10722 ssh-rsa AAAAB3***
[124.16.139.208]:10722 ecdsa-sha2-nistp256 AAAAE2***

Logs:

{"caller":"github.com/wakatime/wakatime-cli/pkg/remote/remote.go:88","func":"1","level":"error","message":"failed to download file to temporary folder: failed to connect to sftp host: failed to connecto to '124.16.139.208:10722': ssh: handshake failed: ssh: host key mismatch","now":"2022-02-23T10:35:58+08:00","version":"v1.37.0"}
{"caller":"github.com/wakatime/wakatime-cli/pkg/language/chroma.go:128","func":"selectByCustomizedPriority","level":"warning","message":"failed to load folder extensions: failed to read directory: open ssh://124.16.139.208:10722/home/wangtianshu/test_project/: no such file or directory","now":"2022-02-23T10:35:58+08:00","version":"v1.37.0"}

Environment:

OS: mac
Platform: 386

Answer 1 · 2022-02-23T11:01:55.000Z

It happens probabaly because you have multiple entries in ~/.ssh/knwon_hosts and wakatime-cli only take the first one. I'll implement a way where we take all of them and try each one before aborting.

Answer 2 · 2022-02-23T11:06:24.000Z

@gandarez I tried to delete known_hosts and ssh, these three entries are both added.

Answer 3 · 2022-02-23T20:36:36.000Z

If you're using vscode you could try our latest alpha version by enabling alpha = true in ~/.wakatime.cfg.

Answer 4 · 2022-02-24T01:34:19.000Z

Hi, this time I got unable to authenticate even if I can ssh without password (the authenticate error disappear if I pass password to wakatime-cli and my id_rsa is place at ~/.ssh/id_rsa).

{"caller":"/Users/runner/work/wakatime-cli/wakatime-cli/pkg/remote/remote.go:213","func":"Connect","level":"warning","message":"failed to connect to '124.16.139.208:10722': failed to dial to '124.16.139.208:10722': ssh: handshake failed: ssh: host key mismatch","now":"2022-02-24T09:31:18+08:00","version":"v1.39.0-alpha.1"}
{"caller":"/Users/runner/work/wakatime-cli/wakatime-cli/pkg/remote/remote.go:213","func":"Connect","level":"warning","message":"failed to connect to '124.16.139.208:10722': failed to dial to '124.16.139.208:10722': ssh: handshake failed: ssh: host key mismatch","now":"2022-02-24T09:31:18+08:00","version":"v1.39.0-alpha.1"}
{"caller":"/Users/runner/work/wakatime-cli/wakatime-cli/pkg/remote/remote.go:213","func":"Connect","level":"warning","message":"failed to connect to '124.16.139.208:10722': failed to dial to '124.16.139.208:10722': ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain","now":"2022-02-24T09:31:19+08:00","version":"v1.39.0-alpha.1"}

Answer 5 · 2022-02-24T18:35:35.000Z

@tshu-w could you please enable debug = true in your ~/.wakatime.cfg, clean-up your ~/.wakatime.log file and do it again? Please send the log file to carlos@wakatime.com.

Answer 6 · 2022-02-24T18:39:43.000Z

@tshu-w so normally your ssh key isn't at ~/.ssh/id_rsa and you specify the key to use in ~/.ssh/config? Then the missing part is wakatime-cli needing to read ~/.ssh/config to find the correct private key file to use.

Answer 7 · 2022-02-24T18:41:29.000Z

the authenticate error disappear if I pass password to wakatime-cli and my id_rsa is place at ~/.ssh/id_rsa

Only password or key should be needed but not both. Does it work without password when your ssh key is at ~/.ssh/id_rsa?

Answer 8 · 2022-02-25T03:03:47.000Z

@tshu-w could you please enable debug = true in your ~/.wakatime.cfg, clean-up your ~/.wakatime.log file and do it again? Please send the log file to carlos@wakatime.com.

Done. Please check you email.

Does it work without password when your ssh key is at ~/.ssh/id_rsa?

No, I cleared out my ~/.ssh/config and make sure there is a ~/.ssh/id_rsa which I can use to ssh, but I got above error.

Answer 9 · 2022-02-25T03:07:10.000Z

I am not familiar with go, but I would like to ask about the code implementation. I understand if this kind of functionality should make use of existing tools as much as possible (by calling system related ssh tools for file caching etc.). But wakatime-cli seems to require parsing ~/.ssh/knwon_hosts by itself? And there is also a lack of support for ~/.ssh/config.

Answer 10 · 2022-04-14T20:17:44.000Z

We don't want to re-use existing ssh tools because that's system dependent. We're fine with using go libraries to parse these files, but that's not much different than parsing them ourselves.

Answer 11 · 2022-04-16T12:00:18.000Z

In fact, I think it is much easier to use system specific ssh tools to get the file than to parse ssh config yourself. After all, we only have a few major categories of systems (Windows, Linux/macOS), and trying to parse the ssh config file is far more complicated than one might think, because there are so many options, such as the command Match needs to execute shell commands. Also, your PR doesn't seem to support common ProxyCommand, and my scenario is probably more complicated because I'm using the GPG key for ssh authentications, with all due respect, I don't see any hope of supporting it the current way.

Answer 12 · 2022-04-20T04:16:11.000Z

When we find ProxyCommand we can try executing the sftp binary to download the file, but in most cases I want to stay in Go-land because a lot of bugs are caused by depending or expecting things to be a certain way on every Linux machine.